[vpn] Question regarding Lucent/Cisco VPN client
dgillett at deepforest.org
dgillett at deepforest.org
Thu Nov 15 18:12:01 EST 2001
It may be that those clients are using the LSP (Layered Service
Provider) mechanism. IF this is the case, then (a) the NDIS layer
may not be the right one to do what you want, and (b) they may be
blocking your driver binding as a way to prevent split tunnelling.
I believe Microsoft's position is that the LSP facility is the
"right" place to implement desktop firewalls, thrid-party VPN
clients, and the capturing functionality that you are trying to
build. (Search MSDN for "LSP" to find the one or two articles which
document this facility.)
Dave Gillett
On 15 Nov 2001, at 13:51, Soumya Munshi wrote:
> Hi
>
> I have written an NDIS protocol driver that captures packet from
> underlying adapters by binding to those adapters on a Windows 2000
> machine. I am testing my product on machines with Lucent IPSec or
> Cisco VPN client installed, because by binding to these virtual VPN
> Miniport adapters I should be able to capture the unencrypted
> packets before they are encrypted. But I am not being able to bind
> to any of these adapters. I am passing the name exported by these
> adapters in the registry but the NdisOpenAdapter call returns an
> error saying that the name is not recognized. Is there any specific
> reason why this should happen ? Doing the same process works for
> Intel Shiva VPN client.
>
> Soumya Munshi
> Lucent Technologies.
>
> VPN is sponsored by SecurityFocus.com
VPN is sponsored by SecurityFocus.com
More information about the VPN
mailing list